[pve-devel] [PATCH docs] pveum: document correct path for ldap/realm credentials

Christoph Heiss c.heiss at proxmox.com
Fri Mar 28 13:07:25 CET 2025


/etc/pve/priv/realm has been the default path since commit

  782b702db ("auth ldap/ad: make password a parameter for the api")

That commit was part of pve-access-control 6.0-7.

Replace /etc/pve/priv/ldap with /etc/pve/priv/realm, to avoid pointing
users to the deprecated path.

It's not used anywhere in our code too, except as (very) old fallback.

Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
---
 pveum.adoc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pveum.adoc b/pveum.adoc
index 0cc267e..c5fbd46 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -224,8 +224,8 @@ attribute would be `uid`.
 If {pve} needs to authenticate (bind) to the LDAP server before being
 able to query and authenticate users, a bind domain name can be
 configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
-password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
-(for example, `/etc/pve/priv/ldap/my-ldap.pw`). This file should contain a
+password then has to be stored in `/etc/pve/priv/realm/<realmname>.pw`
+(for example, `/etc/pve/priv/realm/my-ldap.pw`). This file should contain a
 single line with the raw password.
 
 To verify certificates, you need to set `capath`. You can set it either
-- 
2.48.1





More information about the pve-devel mailing list